Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vjH7YqnhBtMXiym7JfwdctaSHv4.roa
File: vjH7YqnhBtMXiym7JfwdctaSHv4.roa (raw, json)
Hash identifier: O6K/A8NqAZzmqmBDTythfHTqu9nJTgj4NJAns52bh5c=
Subject key identifier: BE:31:FB:62:A9:E1:06:D3:17:8B:29:BB:25:FC:1D:72:D6:92:1E:FE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018F96AAC58A5546A5DCD3B3C7260B8AAB83
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vjH7YqnhBtMXiym7JfwdctaSHv4.roa
Signing time: Mon 20 May 2024 15:42:05 +0000
ROA not before: Mon 20 May 2024 15:42:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202941
IP address blocks: 2a10:2f00:187::/48 maxlen: 48
2a10:ccc0:800::/38 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 12:37:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:96:aa:c5:8a:55:46:a5:dc:d3:b3:c7:26:0b:8a:ab:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 20 15:42:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be31fb62a9e106d3178b29bb25fc1d72d6921efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cb:86:40:70:5a:a1:36:92:e8:0b:5f:b5:28:
8b:11:6f:d3:92:ef:f7:2c:c8:45:68:18:fb:d9:60:
3f:96:e7:26:6e:fc:20:c1:97:cb:85:26:92:54:75:
2c:34:3a:4c:17:cc:a4:ea:74:50:7c:7a:88:66:9d:
85:e3:39:75:fe:fd:28:24:c1:56:3d:8e:e5:a1:42:
c8:30:96:d8:12:ad:58:63:e7:78:f2:d2:8f:27:96:
0a:40:da:23:39:6d:59:45:2d:6f:0b:69:a4:05:58:
7e:79:76:cf:0b:48:22:3c:e0:86:21:d9:77:5b:b8:
95:8a:18:1c:31:a3:d1:44:1b:77:9a:b5:af:1d:00:
2a:f4:c3:a1:6f:c9:ca:10:27:85:ec:2d:7b:d0:2f:
e7:7e:4f:01:c7:ed:5b:8c:70:59:f2:6a:fe:10:4f:
db:26:15:33:3a:df:1d:93:04:c0:b2:51:2b:8a:24:
ef:5d:2d:52:08:c3:a0:89:58:ff:59:ac:03:3a:89:
3b:b6:e4:a0:ff:a5:f2:9f:0a:ab:3d:1c:13:4b:3a:
15:40:3f:63:0a:44:5b:81:15:1f:30:53:d4:29:b9:
1f:f3:41:14:b1:79:2f:8a:0c:fe:ef:05:24:96:38:
f3:c3:27:b7:e5:7e:86:4a:8e:89:86:6e:4c:37:18:
39:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:31:FB:62:A9:E1:06:D3:17:8B:29:BB:25:FC:1D:72:D6:92:1E:FE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vjH7YqnhBtMXiym7JfwdctaSHv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:187::/48
2a10:ccc0:800::/38
Signature Algorithm: sha256WithRSAEncryption
c4:51:bf:a5:3a:a1:f3:14:c6:a2:cf:57:b8:3c:fb:3c:2e:d6:
d5:57:6f:a2:cf:4e:ae:f6:1c:ef:c4:cd:69:c3:d0:2d:55:08:
36:c4:5f:6a:d5:ef:e8:c1:e2:6a:37:39:e7:0d:cf:a7:33:f6:
65:4e:f6:ae:ff:a1:04:64:5e:11:c0:64:73:b6:b1:02:28:ac:
c7:36:2c:65:20:48:08:8b:66:df:9f:d8:dc:04:9c:d4:fa:ea:
54:46:9a:22:0d:a6:37:28:a6:8f:ad:8c:ec:3f:a2:cd:4f:4d:
45:e7:18:a0:d9:bf:b4:10:9e:6f:b6:fc:0c:c5:98:57:59:1e:
01:70:f0:a0:3f:c9:17:35:cd:d3:ca:a7:21:fb:3d:a9:d6:a0:
3b:9b:24:d4:20:a4:ec:67:b7:8e:95:b7:78:fd:39:9e:cd:fe:
15:64:a2:f0:24:1f:29:54:59:cb:da:78:f3:db:54:7c:5d:9f:
73:5b:3f:0a:30:35:a0:1e:4d:7f:3a:d1:68:44:a3:c6:4e:66:
66:68:aa:c3:07:08:25:70:fe:76:4c:9f:a1:9b:e5:72:60:1f:
a6:d4:45:b4:14:85:f2:b4:c4:b7:2b:01:2f:22:1b:2f:02:28:
02:37:94:8b:f2:8d:b0:da:d8:30:96:54:22:2f:d4:a8:52:13:
f0:09:c3:60
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY+WqsWKVUal3NOzxyYLiquDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwNTIwMTU0MjA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTMxZmI2MmE5ZTEwNmQzMTc4YjI5YmIyNWZjMWQ3MmQ2OTIxZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMuGQHBaoTaS6AtftSiLEW/Tku/3
LMhFaBj72WA/lucmbvwgwZfLhSaSVHUsNDpMF8yk6nRQfHqIZp2F4zl1/v0oJMFW
PY7loULIMJbYEq1YY+d48tKPJ5YKQNojOW1ZRS1vC2mkBVh+eXbPC0giPOCGIdl3
W7iVihgcMaPRRBt3mrWvHQAq9MOhb8nKECeF7C170C/nfk8Bx+1bjHBZ8mr+EE/b
JhUzOt8dkwTAslEriiTvXS1SCMOgiVj/WawDOok7tuSg/6XynwqrPRwTSzoVQD9j
CkRbgRUfMFPUKbkf80EUsXkvigz+7wUkljjzwye35X6GSo6Jhm5MNxg5TQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFL4x+2Kp4QbTF4spuyX8HXLWkh7+MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdmpIN1lxbmhCdE1YaXltN0pmd2RjdGFTSHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhAvAAGH
AwYCKhDMwAgwDQYJKoZIhvcNAQELBQADggEBAMRRv6U6ofMUxqLPV7g8+zwu1tVX
b6LPTq72HO/EzWnD0C1VCDbEX2rV7+jB4mo3OecNz6cz9mVO9q7/oQRkXhHAZHO2
sQIorMc2LGUgSAiLZt+f2NwEnNT66lRGmiINpjcopo+tjOw/os1PTUXnGKDZv7QQ
nm+2/AzFmFdZHgFw8KA/yRc1zdPKpyH7PanWoDubJNQgpOxnt46Vt3j9OZ7N/hVk
ovAkHylUWcvaePPbVHxdn3NbPwowNaAeTX860WhEo8ZOZmZoqsMHCCVw/nZMn6Gb
5XJgH6bURbQUhfK0xLcrAS8iGy8CKAI3lIvyjbDa2DCWVCIv1KhSE/AJw2A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:34 2024 by rpki-client on console-ams.rpki-client.org